cve-2026-31549

About this tag
CVE-2026-31549 is a Linux kernel vulnerability in the Silicon Labs CP2615 I2C driver (i2c-cp2615). The issue arises during device probing when the driver uses the USB device's serial string as the I2C adapter name without verifying its existence. If a CP2615-compatible USB device lacks a serial number, the driver may dereference a NULL pointer, leading to a kernel panic. This tag covers discussions, analysis, and mitigation strategies for CVE-2026-31549, including its impact on Linux systems and potential workarounds. While the vulnerability is specific to Linux, it may affect systems running Windows Subsystem for Linux or virtualized environments.
  1. CVE-2026-31549: Linux cp2615 NULL Pointer Dereference via I2C Probe

    CVE-2026-31549: Linux Kernel cp2615 NULL Pointer Dereference in I2C Probe Path CVE-2026-31549 is a Linux kernel vulnerability affecting the Silicon Labs CP2615 I2C driver. The issue occurs in the i2c-cp2615 driver during device probing, where the driver uses the USB device’s serial string as the...